This paper discusses the design, implementation, and deployment of a secure
and practical payment system for electronic commerce on the Internet. The
system is based on the iKP family of protocols (i = 1, 2, 3) developed at
IBM Research. The protocols implement credit card-based transactions between
buyers and merchants while the existing financial network is used for
payment clearing and authorization. The protocols are extensible and can be
readily applied to other account-based payment models, such as debit cards.
They are based on careful and minimal use of public-key cryptography and can
be implemented in either software or hardware. Individual protocols differ
in both complexity and degree of security.

In addition to being both a precursor and a direct ancestor of the
well-known SET standard, iKP-based payment systems have been in continuous
operation on the Internet since mid-1996. This longevity, as well as the
security and relative simplicity of the underlying mechanisms, makes the iKP
experience unique. For this reason, this paper also reports on, and
addresses, a number of practical issues arising in the course of
implementation and real-world deployment of a secure payment system.